Subject: Re: Opera vulnerability for Firefox?
To: grant beattie <grant@NetBSD.org>
From: Jaromir Dolecek <jdolecek@NetBSD.org>
List: tech-pkg
Date: 02/27/2005 19:47:27

On Sun, Feb 27, 2005 at 02:20:51PM +1100, grant beattie wrote:
> opera<7.54pl2           remote-code-execution   http://secunia.com/advisories/13818/
> opera<=7.54pl2          www-address-spoof       http://secunia.com/advisories/14154/
> firefox{,-bin,-gtk2,-gtk2-bin}<=1.0             www-address-spoof       http://secunia.com/advisories/14154/
> mozilla{,-bin,-gtk2,-gtk2-bin}<=1.7.5           www-address-spoof       http://secunia.com/advisories/14154/
> 
> http://secunia.com/advisories/14154/ relates to an issue in Opera,
> Firefox and Mozilla aren't mentioned.

Those were pastos, I fixed those just now.
 
> and, from my reading, this is more of a social engineering problem than
> an actual software security issue.

The software part is that the user is led to believe they are
on a different site than they really are.

See:

http://secunia.com/multiple_browsers_idn_spoofing_test/

And try the 'Test Now - Left Click on This Link'. In Opera,
the link itself appears to lead to www.paypal.com, and when opened
the address bar contains 'www.paypal.com'.

In other words, this can be misused for phishing attacks.

Jaromir
-- 
Jaromir Dolecek <jdolecek@NetBSD.org>            http://www.NetBSD.cz/
-=- We can walk our road together if our goals are all the same;     -=-
-=- We can run alone and free if we pursue a different aim.          -=-
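
An added example, not part of the original message or of pkgsrc: a Python check that converts a hostname to the ASCII (punycode) form and flags non-ASCII or mixed-script labels, which is the information the address bar hides in the spoof described above. The sample hostname is constructed, and the substitution of Cyrillic U+0430 for the Latin "a" is an assumption about how such a lookalike is built; the function names are hypothetical.

```python
import unicodedata


def scripts_in(label):
    """Coarse script names (first word of the Unicode name) of a label's letters."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}


def audit_host(host):
    """Return (ascii_form, findings); findings is empty for a plain ASCII name."""
    ascii_labels, findings = [], []
    for label in host.lower().rstrip(".").split("."):
        uni = label
        if label.startswith("xn--"):
            # Decode an already-encoded IDN label so it can be inspected.
            try:
                uni = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                findings.append(f"{label}: undecodable punycode")
        if uni.isascii():
            ascii_labels.append(uni)
            continue
        # Show the label the way DNS sees it, not the way it is rendered.
        encoded = "xn--" + uni.encode("punycode").decode("ascii")
        ascii_labels.append(encoded)
        scripts = sorted(scripts_in(uni))
        if len(scripts) > 1:
            findings.append(f"{encoded}: mixes scripts {scripts}")
        else:
            findings.append(f"{encoded}: non-ASCII label {scripts}")
    return ".".join(ascii_labels), findings


if __name__ == "__main__":
    # Constructed sample: renders like www.paypal.com, second label holds U+0430.
    for name in ("www.paypal.com", "www.p\u0430ypal.com"):
        ascii_form, findings = audit_host(name)
        print(ascii_form, findings or "ok")
```

A label written entirely in one non-Latin script is still reported, since a whole-script lookalike mixes nothing.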